In Use - VPN Tunnel
Okay, let's open a browser on a remote PC and take a look at the VPN portal. From a remote PC, open a browser window using Internet Explorer and enter the portal URL we recorded from the Portal Layout page: https://192.168.0.25/portal/SSL-VPN.
If all goes well, you are presented with a login page similar to the one below.
Login with the new user you created using the User and Groups screen earlier. After logging in, the VPN Tunnel screen appears. Refer to Figure 13 below.
The VPN Tunnel screen or "portal" represents the starting point for any users logging into the SSL312. Click the lock graphic to establish a VPN tunnel. NOTE: Be sure and install any ActiveX components that you were asked to install or the connection will not work. Once the connection is established, a new unfamiliar icon appears in your system tray. If you double-click the icon, a VPN Tunnel Connection Status window appears, showing the connection details for your VPN tunnel connection.
Figure 14: SSL312 - ActiveX Control - VPN Tunnel
I normally run TightVNC on all my machines to make them easy to control when I'm out of town on business. So naturally one of the very first tests I wanted to try was to see how well the SSL312 VPN tunnel handled my remote desktop tasks using VNC. I was pleasantly surprised that the VPN tunnel was rock solid. I didn't experience any problems remotely controlling my PCs. Performance was on par with what I normally receive without a VPN connection. In fact, it was hard to tell that I was running over a VPN at all since it felt more like a direct connection.
I've used TightVNC on various IPsec clients from the "big guys" (Cisco, Juniper, Sonicwall, and Checkpoint) and while all have improved since their early incarnations, I still occasionally run into small issues such as losing my internet access while using an application over the tunnel or not being able to connect at all from a hotel because of network address translation (NAT) traversal issues.